Information Security Risk Analyst 4 at Lam Research

Bengaluru, karnataka, India -

Full Time

Start Date

Immediate

Expiry Date

03 Mar, 26

Salary

0.0

Posted On

03 Dec, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Vulnerability Management, Risk Assessment, Cybersecurity, Data Analytics, Automation, Scripting, Technical Guidance, Impact Assessment, Stakeholder Engagement, Infrastructure Security, Cloud Security, Threat Modelling, Reporting, Mitigation Strategies, Networking, Systems Administration, Application Development

Industry

Semiconductor Manufacturing

Description

You will be responsible for providing management and oversight to the internally delivered cybersecurity vulnerability management service. You will own and manage the vulnerability assessment and management program and execute a vulnerability management strategy. Design and develop vulnerability mitigation strategy, prioritize identified vulnerabilities, and manage risk associated with vulnerabilities. Classify and prioritize the risk of new vulnerabilities according to the specifics of our unique environment's risk level, mitigating factors, and assessment of the impacts of internal and external threats. Participate in impact assessments to help define prioritization and proper monitoring coverage. Provide recommendations and technical guidance for the vulnerability management program. Validate scan results, research mitigation methods and retest findings. Demonstrate understanding of infrastructure/cloud vulnerability scanning and configuration. Develop automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet our rapidly changing needs. Expected to possess strong knowledge of vulnerability management - Triage, Prioritize, Remediate, and security threat modelling. Develop relationships with IT teams to resolve aging critical vulnerabilities on assets, establish regular forums with stakeholders to drive remediation of vulnerabilities. Analyze requirements to develop and manage program metrics and performance through reporting. Produce detailed reports and present metrics to key stakeholders in the business. Reporting gaps in a meaningful way that addresses a business risk as well as providing technical solutions to the operations teams in remediation is key. Maintain oversight of vulnerability reporting communications Knowledge of information security industry and regulatory obligations (ISO 27000-series, NIST Framework, etc.) Experience with scanning tools such as Microsoft Defender, Tenable, Rapid7 and Qualys and their configurations is preferred. Certified in one of the security certifications like CEH/CISSP/OSCP Experience with data analytics with the ability to provide qualitative analysis and recommendations. Ability to develop strong working relationships with a variety of other enabling teams. Strong attention to detail, data accuracy, and data analysis Self-motivated and operates with a high sense of urgency and a high level of integrity. Ability to automate technical tasks using API or scripting. Bachelor's degree in computer science, Information Technology, Cyber Security, or related discipline 7+ years of Cybersecurity experience with a concentration in vulnerability management Understanding of a variety of technical concepts such as Networking, systems administration, application development, and information security practices

Responsibilities

You will manage the vulnerability assessment and management program, executing a vulnerability management strategy. This includes classifying and prioritizing risks, providing recommendations, and developing automation to improve efficiency.